วันเสาร์ที่ 1 สิงหาคม พ.ศ. 2558

Basic Linux command in Clear OS

All Linux Command for future reference

#block windows live messenger by Squid

First Live messenger will use default 1863 tcp if block, will use app msn-messenger instead

So, need to block port 1863 for specific ip

Iptables –I FORWARD –s 192.168.2.62 –p tcp –dport 1863 –J DROP

Then block msn app in squid

Squid.conf
===========================================================

acl rin src 192.168.2.62/255.255.255.255

#acl time

acl noon time 09:00-13:00

#end acl time

acl msnmime req_mime_type -i ^application/x-msn-messenger
acl msnmime2 rep_mime_type -i ^application/x-msn-messenger

acl msn_method method POST
acl msngw url_regex -i gateway.dll

#acl for video streaming

acl s1 req_mime_type -i ^video/x-ms-asf$ ^video/x-flv ^video/flv ^video/x-fcs
acl ss1 rep_mime_type -i ^video/x-ms-asf$ ^video/x-flv ^video/flv ^video/x-fcs

#end manual customization

#block streaming youtube
#http_access deny rin s1
#http_reply_access deny rin ss1
#end block youtube

#test block windows live block msn ip rin at 12:00-13:00

#allow ip rin access msn noon time
http_access allow msnmime rin noon
http_reply_access allow msnmime2 rin noon

#block ip rin access msn all time
http_access deny msnmime rin noon
http_reply_access deny msnmime2 rin noon


#http_access deny msngw

#end test block windows live
===========================================================

Upgrade command for ClearOS

Yum clean all
Yum install app-upgradeto52
Yum upgrade

===========================================================

Clear OS webconfig overload

Edit file /usr/webconfig/conf/httpd.conf

change
log level warn
to
log level crit

then restart webconfig # /etc/init.d/webconfig restart
===========================================================

Mount Network command

Mount –o username=xxx //192.168.3.3/it_share /mnt/rin
Enter network password

===========================================================
Check disk usage and sort by bytes

du -k |sort -nr |less
du -k |sort -nr |grep /new |less
du -k |sort -nr |grep /cur |less

===========================================================

Iptables command
iptables blocking with mac address
Drop all connection coming from mac address 00:0F:EA:91:04:08 (add command to your firewall script)
iptables -A INPUT -m mac --mac-source 00:0F:EA:91:04:08 -j DROP
iptables allowing with mac address
Allow port 22 for mac address 00:0F:EA:91:04:07
iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source
00:0F:EA:91:04:07 -j ACCEPT
 
Tcpdump mac address :

tcpdump ether host 00:20:18:8F:79:32 -i eth4
เขียนโดย ที่

ไม่มีความคิดเห็น:

แสดงความคิดเห็น

สมัครสมาชิก: ส่งความคิดเห็น (Atom)